The AlienVault OSSIM Bootcamp course will teach students about the Security Information and Event Management (SIEM) system, which is used to aggregate logs from all sources in a network, analyze the logs through a correlation engine and generate alarms on malicious indicators and activities. The course will make them familiar with the installation and configuration of a very popular open-source SIEM tool. Moreover, they will also be familiarized with basic OSSIM operations like asset discovery, vulnerability assessment, intrusion detection and much more.

This level will start with a basic introduction to OSSIM, followed by a series of lectures on setting up the lab environment. Once the lab environment is set, the trainer focuses on teaching the basic and most advanced OSSIM operations. It also covers lectures on setting up the OTX account and other key concepts and features.

 

 

Trainer Name: Vishal Pradhan
Designation: Senior Security Engineer, Purple Team SME, OSSIM and Cyber Range Expert at QOS Technology
Certifications: CCSA, CCSE, CCSBA Certified Infosec Engineer

Introduction to AlienVault OSSIM
What is OSSIM?
Setting up the Lab Environment
Setting up Oracle VM VirtualBox, Kali Linux and Internal Server / Endpoints
OSSIM Installation
OSSIM First Time Wizard
OSSIM Internet Configuration
OSSIM Monitoring Interface Verification
Basic Operations in OSSIM
Asset Discovery
Vulnerability Assessment
Intrusion Detection
Behavioral Monitoring
Security Intelligence
Setting up an OTX account
Registering to OTX and configuring OTX in OSSIM
Subscribing to a few pulses
Maintenance & Reporting
Backup & Restore
Generation of reports for alarms and for SIEM events